How Do I . . .?: Automate Scheduled Patching

Show Me!

A video tutorial is available on this topic. To access the video, click the following link:

Watch a related video (04:25)

Overview Information

A scheduled scan enables you to specify exactly when a scan should be performed. You can configure Security Controls to automatically perform recurring scheduled scans and to automatically deploy any missing patches it detects during a scan.

  1. (Optional) Create a custom patch group and a custom patch scan template.
    This step is necessary if you want to control exactly which patches you scan for and deploy. You do this by first creating a patch group that contains just your approved patches, and then using it as a patch filter in a custom patch scan template.
  2. If the scheduled scan is something you intend to perform regularly (for example, to coincide with Microsoft's monthly patch release), you will also have to update the patch group on a regular basis.

  3. (Optional) Create a custom machine group or a favorite.
    Using one of the default machine groups will work, too.
  4. (Optional) Create a deployment template.
    Using one of the default templates will work, too.
  5. Initiate a scan from the Agentless Operation page, from a machine group, or from a favorite.
  6. On the Agentless Operation page, choose the Recurring option and specify when you want the scheduled scans to be performed.
    You can schedule a scan to run once at a specific time, or you can schedule a recurring scan. See Scheduling Patch Scans for complete details.
  7. Enable the Auto-deploy patches after scan check box.
  8. Select the desired deployment template and specify when the deployment should occur.
  9. Click Schedule.
  10. If prompted, select credentials that can be used to schedule the job on the console machine.
  11. Use the Scheduled Console Tasks Manager to review scheduled scans.